Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-42474 | 1 Sap | 1 Businessobjects Web Intelligence | 2024-11-21 | N/A | 6.8 MEDIUM |
| SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information. | |||||
| CVE-2022-22546 | 1 Sap | 1 Businessobjects Web Intelligence | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Due to improper HTML encoding in input control summary, an authorized attacker can execute XSS vulnerability in SAP Business Objects Web Intelligence (BI Launchpad) - version 420. | |||||
| CVE-2021-33667 | 1 Sap | 1 Businessobjects Web Intelligence | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Under certain conditions, SAP Business Objects Web Intelligence (BI Launchpad) versions - 420, 430, allows an attacker to access jsp source code, through SDK calls, of Analytical Reporting bundle, a part of the frontend application, which would otherwise be restricted. | |||||